Privacy Policy

Last updated: 14 April 2025

We are committed to protecting your privacy and handling your Personal Information in accordance with applicable privacy laws. The purpose of this policy is to explain how we handle your Personal Information and the measures and processes we have put in place to ensure its adequate protection. This policy applies to all Personal Information that we collect in the course of our business. Our Privacy Policy consists of:

  • this document, which applies to each individual whose Personal Information we collect; and
  • country-specific additional information that may apply to how we handle your Personal Information, depending on where you are located (as set out at the end of this document).

1. Definition

In this policy the expressions "we", "us" and "our" and "Metal Logic" are a reference to ROM (OpCo) Pty Ltd ACN 680 244 722. Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:

  • (a) whether the information or opinion is true or not; and
  • (b) whether the information or opinion is recorded in a material form or not.

Metal Logic Group means Metal Logic and any of its “associated entities” (as that term is defined in the Corporations Act 2001 (Cth)), and any other entity with a shareholding in, or common shareholding with, Metal Logic or any of its related bodies corporate.

Privacy Policy means this document as amended from time to time including any specific additional information that may apply to how we handled your Personal Information depending on where you are located.

Sensitive Information includes health information and information about a person's racial or ethnic origin, political or philosophical beliefs or affiliations, trade or professional affiliations, sexual preferences or practices, or criminal record.

The expressions "you" and "your" refer to each individual whose Personal Information we may handle from time to time where we are required to comply with the Privacy Act in respect of such Personal Information.

2. Types of Information Collected

We only collect Personal Information to the extent that this is reasonably necessary for one or more of our functions or activities. The types of Personal Information we collect includes but is not limited to the following kinds of information:

  • (a) name;
  • (b) contact details (such as email, address and/or phone numbers);
  • (c) payment details;
  • (d) if you apply for a role with us, your qualifications, experience, your curriculum vitae, your education and employment history; and
  • (e) to the extent the following is Personal Information:
  • (i) website usage information (as described below in paragraph 10); and

3. Method of Collection

Our preference is to collect Personal Information about an individual directly from that individual unless it is unreasonable or impracticable for us to do so.

We collect your Personal Information when you:

  • (a) visit our website;
  • (b) sign up to our offers and promotions;
  • (c) register your interest with us via online forms; and
  • (d) contact us via email, phone or post.

4. Purposes of Collection, Use and Disclosure

We may use and disclose your Personal Information for the primary purpose for which we collected your Personal Information, for reasonably related secondary purposes within your reasonable expectations and where required or authorised by law. This includes, but is not limited to:

  • (a) communicating with you: for example, responding to your enquiries, questions, requests and complaints and to send you updates about our business and activities;
  • (b) marketing: communicating with you about our operations and objectives and providing information to you about our activities, campaigns and events which we think may be of interest to you (unless you have opted out);
  • (c) conducting business transactions: such as processing invoices, bills and related financial matters related to Metal Logic's provision of goods and services;
  • (d) monitoring use of the Metal Logic website: including to analyse trends and statistics and to track actions performed on the website to improve the website;
  • (e) where applicable, managing our employment relationship with you, where you are a current or former employee; and
  • (f) complying with applicable laws.

If you do not provide us with the Personal Information that we request, we may not be able to offer you all of our services or provide you with information about our business and activities.

5. Disclosure of Personal Information to Third Parties

We do not and will not sell, rent out or trade your Personal Information. We will only disclose your Personal Information in the ways set out in this Privacy Policy and, in particular, to the following recipients:

  • (a) to any member of the Metal Logic Group, including their respective employees, officers, insurers, professional advisers, agents, and contractors, including where those Metal Logic Group members are involved in the provision of our services to you;
  • (b) to third parties who process your Personal Information on our behalf, such as our systems providers, cloud service providers, debt collection agencies, document management systems, dispute resolution bodies, external advisors, and other third parties that Metal Logic partners with in delivery of its services;
  • (c) to any third party to whom we assign or novate any of our rights or obligations;
  • (d) to any prospective buyer, in relation to the potential sale of or investment in our business or assets, or in the event we sell any part of our business or assets;
  • (e) to any government, regulatory agency, enforcement or exchange body or court where we are required to do so by applicable law or regulation or at their request; and/or
  • (f) to other persons or bodies, to the extent required by applicable law or regulation.

6. Direct Marketing

We may use your Personal Information to provide you with direct marketing material such as, without limitation, information about our activities, offers, products and services if:

  • (a) you have consented to receive direct marketing materials;
  • (b) you would reasonably expect us to use your Personal Information for this purpose; or
  • (c) we are otherwise permitted to do so by law.

You may opt-out of receiving marketing information from us by using the unsubscribe link within each email, or by contacting us to have your contact information removed from our email subscription list or registration database. Please note that even if you have requested not to receive further direct marketing communications, we may nevertheless continue to provide you with information about changes to our terms and conditions for the supply of our Platform and services and other factual information as permitted under applicable laws. We do not use Sensitive Information for marketing purposes.

7. Storage of Data and Overseas Disclosure

We, including our subcontractors, may hold electronic records of your Personal Information using cloud technology or by other electronic means, or in paper form. This means of holding Personal Information may include offshore storage.

We may disclose Personal Information to other parties including our service providers as permitted by the applicable laws. These third parties may be located overseas. It is not practicable for us to specify in advance the location of every service provider with whom we deal.

8. How Long Will We Hold Your Personal Information For?

We will only retain your Personal Information for as long as reasonably necessary to fulfil the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements.

9. Data Security

We will take such steps as are reasonable in the circumstances to protect the Personal Information we hold from misuse or loss and from unauthorised access, modification or disclosure. We will also take steps as are reasonable in the circumstances to destroy or de-identify Personal Information once we no longer need it for any purpose for which the information may be used, disclosed or retained under the applicable laws.

We will comply with our obligations relating to the notification of eligible data breaches (as required under applicable laws). To the extent we are required to notify you of a data breach, we will take reasonable steps to make you aware of such data breach.

When using our website you should be aware that no data transmission over the Internet can be guaranteed as totally secure. Although we strive to protect such information, we do not warrant the security of any information that you provide us over the Internet and you do so at your own risk.

10. Website Usage Information and Cookies

We may collect information about your computer, including where available your IP address, operating system, browser type and web log information for system administration. This is statistical information about our users' browsing actions and patterns. For the same reason, we may obtain information about your general internet usage by using a cookie. Cookies contain information that help us to improve our site and to deliver a better service. Some of the cookies we use are essential for the site to operate.

You may block cookies by activating the setting on your browser which allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies as soon as you visit our site.

11. Changes To Our Privacy Policy

We may change or update parts of this Privacy Policy in order to maintain our compliance with applicable law and regulation or following an update to our internal practices. We will do this by updating this Privacy Policy available on this page. You may obtain a copy of our current policy from our website or by contacting us via the details in paragraph 14.

If the proposed modification will result in a material change to this Privacy Notice, we will provide you with written notice of the change. Except where required by law, you may not be directly notified of such a change so please ensure that you regularly check this Privacy Policy, so that you are fully aware of any changes or updates.

12. Access, Correction and Further Information

We will take such steps as are reasonable in the circumstances to ensure that the Personal Information which we collect remains accurate, up to date and complete.

We will provide you with access to your Personal Information held by us unless we are permitted under applicable laws to refuse to provide you with such access. Please contact us via the details in paragraph 14 if you:

  • (a) wish to have access to the Personal Information which we hold about you;
  • (b) consider that the Personal Information which we hold about you is not accurate, complete or up to date; or
  • (c) require further information on our Personal Information handling practices

There is no charge for requesting access to your Personal Information but we may require you to meet our reasonable costs in actually providing you with access.

If you consider that the information which we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, we will take reasonable steps, consistent with our obligations under the applicable laws, to correct that information if you so request.

We will respond to all requests for access and/or correction within a reasonable time.

13. Complaints

If you have a complaint or inquiry about the way in which we have handled any privacy issue, please advise us via the details in paragraph 14.

We will use reasonable efforts to deal promptly with complaints and inquiries and, in any event, acknowledge your complaint or inquiry within 30 days.

If you are not satisfied with how we manage your complaint, you may contact:

  • (a) if you are based in Australia, the Office of the Australian Information Commissioner, which can be contacted at GPO Box 5218 Sydney NSW 2001 or oaic.gov.au;
  • (b) any privacy or data protection regulator specified in the "specific privacy information" section for location, if applicable; or
  • (c) if you are based outside of the areas referenced above, the local privacy regulator or privacy commissioner in your location.

14. Contact Information

If you have any questions about our Privacy Policy or how we handle your Personal Information please contact us using the following details:

  • Email: privacy@metallogic.com

Specific Privacy Information For Australia

If you are in Australia, the following additional information is relevant to how we handle your Personal Information.

15. Employee Records

In accordance with the Privacy Act 1988 (Cth), this Privacy Policy does not apply to our acts and practices directly related to a current or former employment relationship between us and an employee, and an employee record held by us relating to the employee.